Symmetric Encryption
Symmetric encryption is a cryptographic method where the same key is used for both encryption and decryption of data. It is fast and efficient, making it ideal for encrypting large amounts of data.
In system design, symmetric encryption is used to secure sensitive data like:
- Stored files and database records (data at rest)
- Network communication (data in transit)
- Cached session data
- API keys or tokens
Key Concepts of Symmetric Encryption
| Term | Description |
|---|---|
| Plaintext | Original data before encryption |
| Ciphertext | Encrypted data |
| Encryption Key | Secret key used to encrypt and decrypt data |
| Block Cipher | Encrypts data in fixed-size blocks (e.g., AES) |
| Stream Cipher | Encrypts data bit-by-bit or byte-by-byte (e.g., RC4) |
Common Symmetric Encryption Algorithms
| Algorithm | Description |
|---|---|
| AES (Advanced Encryption Standard) | Most widely used, supports 128, 192, and 256-bit keys |
| DES (Data Encryption Standard) | Older, less secure |
| 3DES (Triple DES) | DES applied three times; slow and largely deprecated |
| ChaCha20 | Modern, fast stream cipher, good for mobile/low-power devices |
Example using AES
Scenario: You are designing a healthcare app that stores users’ medical records in a database. These records must be encrypted to meet compliance requirements (like HIPAA or GDPR).
User Enters Data
│
▼
[Backend API Server]
│
├── Encrypt Data using AES-256 and a secure key (K)
│
▼
[Encrypted Data Stored in Database]
Later...
▲
│
[Backend Decrypts Data using same key (K)]
│
▼
User Sees Decrypted Medical Record
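The flow above as an added example in Go (standard library only); it is not code from the original page. The page specifies only AES-256 and a shared key K, so the GCM mode, the function names, the `recordID` bound as associated data and the sample record are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// NewRecordCipher wraps the 32-byte key K as AES-256-GCM (authenticated encryption).
func NewRecordCipher(key []byte) (cipher.AEAD, error) {
	if len(key) != 32 {
		return nil, errors.New("AES-256 needs a 32-byte key")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encrypt returns nonce || ciphertext || tag. recordID (a hypothetical row
// identifier) is bound as associated data, so a blob moved to another row fails to decrypt.
func Encrypt(c cipher.AEAD, recordID string, plaintext []byte) ([]byte, error) {
	nonce := make([]byte, c.NonceSize()) // fresh random 12-byte nonce per record
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return c.Seal(nonce, nonce, plaintext, []byte(recordID)), nil
}

// Decrypt verifies the tag; it errors if the blob, key or recordID does not match.
func Decrypt(c cipher.AEAD, recordID string, blob []byte) ([]byte, error) {
	if len(blob) < c.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	nonce, ct := blob[:c.NonceSize()], blob[c.NonceSize():]
	return c.Open(nil, nonce, ct, []byte(recordID))
}

func main() {
	key := make([]byte, 32) // constructed demo key; a real K comes from a KMS or secret store
	rand.Read(key)
	c, _ := NewRecordCipher(key)
	blob, _ := Encrypt(c, "patient-1001", []byte("dx: hypertension")) // constructed record
	pt, err := Decrypt(c, "patient-1001", blob)
	fmt.Printf("stored %d bytes; decrypted %q; err=%v\n", len(blob), pt, err)
}
```

The database column stores the whole returned blob; the nonce is not secret, but it must never repeat under the same key.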
Symmetric vs Asymmetric
| Feature | Symmetric | Asymmetric |
|---|---|---|
| Key Type | Single secret key | Public/Private key pair |
| Speed | Very fast | Slower |
| Use Cases | Encrypting data, files, sessions | Key exchange, TLS handshakes, digital signatures |
| Example | AES, ChaCha20 | RSA, ECC |